3 files changed, 15 insertions, 27 deletions

diff --git a/maildrop.c b/maildrop.c
index edc47b7..4b9055c 100644
--- a/maildrop.c
+++ b/maildrop.c
@@ -47,7 +47,7 @@ static size_t expand(char *, const char *, size_t, struct passwd *);
 
 static struct mdrop m;
 
-void
+pid_t
 maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
     int type, const char *path)
 {
@@ -60,21 +60,13 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
 	mode_t			old_mask;
 	int			fd, flags, res = -1;
 
-	if (seteuid(pw->pw_uid) < 0)
-		fatal("cannot lower privileges");
+	if ((pid = fork()) != 0)
+		return (pid);
 
-	pid = fork();
-	if (seteuid(0) < 0)
-		fatal("cannot restore privileges");
-
-	if (pid < 0)
-		fatal("maildrop: fork");
-
-	if (pid > 0)
-		return;
-
-	if (seteuid(pw->pw_uid) < 0)
-		fatal("cannot lower privileges");
+	if (setgroups(1, &pw->pw_gid) ||
+	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
+	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
+		fatal("cannot drop privileges");
 
 	close(pair[0]);
 	setproctitle("maildrop");
@@ -100,14 +92,6 @@ maildrop_init(uint32_t session_id, int pair[2], struct passwd *pw,
 	}
 
 	umask(old_mask);
-	if (seteuid(0) < 0)
-		fatal("cannot restore privileges");
-
-	if (setgroups(1, &pw->pw_gid) ||
-	    setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
-	    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
-		fatal("cannot drop privileges");
-
 	event_init();
 	signal_set(&ev_sigint, SIGINT, sig_handler, NULL);
 	signal_set(&ev_sigterm, SIGTERM, sig_handler, NULL);
diff --git a/pop3d.c b/pop3d.c
index 56c8047..77cbfa0 100644
--- a/pop3d.c
+++ b/pop3d.c
@@ -170,9 +170,14 @@ authenticate(struct imsgev *iev, struct imsg *imsg)
 	if ((pw = getpwnam(req->user)) == NULL)
 		fatalx("authenticate: getpwnam");
 
-	maildrop_init(imsg->hdr.peerid, pair, pw, mtype, mpath);
-	close(pair[1]);
+	if (maildrop_init(imsg->hdr.peerid, pair, pw, mtype, mpath) == -1) {
+		logit(LOG_INFO, "%u: unable to fork maildrop process",
+		    imsg->hdr.peerid);
+		pair[0] = -1;
+		goto end;
+	}
 
+	close(pair[1]);
 end:
 	imsgev_xcompose(iev, IMSG_AUTH, imsg->hdr.peerid, 0,
 	    pair[0], NULL, 0, "authenticate");
diff --git a/pop3d.h b/pop3d.h
index 15b9b09..f8f6881 100644
--- a/pop3d.h
+++ b/pop3d.h
@@ -157,8 +157,7 @@ int session_cmp(struct session *, struct session *);
 SPLAY_PROTOTYPE(session_tree, session, entry, session_cmp);
 
 /* maildrop.c */
-void maildrop_init(uint32_t, int [2], struct passwd *,
-    int, const char *);
+pid_t maildrop_init(uint32_t, int [2], struct passwd *, int, const char *);
 
 /* util.c */
 void set_nonblocking(int);